What's Changed

• Take dependency updates by @ctz in #119
• Dependency updates, especially for libcrux-ml-kem by @ctz in #123
• Run rustls-graviola pairwise tests against more providers by @ctz in #122
• Prepare rustls-graviola 0.3.2 by @ctz in #125

Full Changelog: v/0.3.1...v/0.3.2

What's Changed

• Update dependencies by @ctz in #109
• Prepare rustls-graviola 0.3.1 by @ctz in #111

Full Changelog: v/0.3.0...v/0.3.1

This version has:

• AVX512 AES-GCM which increases AES256-GCM performance to around 9.33GiB/sec on my machine. This means an MSRV of 1.89.
• X25519MLKEM768 hybrid support in rustls-graviola, via a dependency on libcrux-ml-kem.

https://jbp.io/graviola/ has been updated for this version.

What's Changed

• Improve asn1 testing by @ctz in #83
• Document and check intel adx CPU feature bit requirement by @ctz in #85
• driver.py: aarch64: constants only need 4 KiB alignment by @phlip9 in #87
• Address more accurate clippy lints by @ctz in #88
• Lint for crate structure by @ctz in #89
• Fix performance regression of x86_64 GCM with rustc 1.87 by @ctz in #90
• rustls-graviola: support x25519mlkem768 hybrid using libcrux-ml-kem by @ctz in #91
• Prepare to support AVX512 for AES-GCM by @ctz in #92
• Test on a variety of x86-64 CPUs with Intel SDE by @ctz in #93
• Fix new lints in clippy 1.88 by @ctz in #94
• Add AMD zen 3 cpu data by @ctz in #96
• Fix new nightly warnings; take updated deps by @ctz in #97
• Adopt MSRV of 1.89 by @ctz in #100
• AVX512 AES-GCM by @ctz in #99
• Restore performance of AES-GCM with short messages by @ctz in #101
• Add token types for dynamic cpuid checks by @ctz in #102
• Take 2024 edition by @ctz in #104
• fuzz: use upstream lockfile by @ctz in #106
• Obtain coverage for AVX512 codepaths by @ctz in #105
• Tidying around intrinsics, safety comments, and pointer casts by @ctz in #108
• Prepare 0.3.0 by @ctz in #103

New Contributors

• @phlip9 made their first contribution in #87

Full Changelog: v/0.2.1...v/0.3.0

What's Changed

• remove unneeded direct rustls-pki-types dep by @ctz in #64
• Ensure Entry type lives for intended time by @ctz in #65
• Correct incorrect commentary and docs by @ctz in #70
• 2024 edition-ish by @ctz in #66
• Implement Error for graviola::Error by @bsamseth in #71
• Implement and test SigningKey::public_key() by @ctz in #72
• Check --all-targets for clippy lints by @ctz in #75
• Support RSA key generation by @ctz in #76
• Make test_{in,}valid_primes tests deterministic by @ctz in #79
• Take semver-compatible updates by @ctz in #80
• Take latest s2n-bignum by @ctz in #78
• Regress ARM bignum_emontredc_8n to non-NEON version by @ctz in #81
• Prepare 0.2.1 by @ctz in #82

New Contributors

• @bsamseth made their first contribution in #71

Full Changelog: v/0.2.0...v/0.2.1

Headlines

• 0.2.0 introduces a public API for general-purpose cryptography use, see the documentation.
• Performance improvements in ECDSA verification.
• Performance improvement in SHA512 for small inputs (eg, HMAC in TLS).
• Performance improvement of AES-GCM on ARM.
• XChaCha20Poly1305 now supported, thanks to @conradludgate.
• On ARM, neon registers are zeroised on return in secret functions.

What's Changed

• Document unsafe blocks by @ctz in #11
• ecdsa: add rejection sampling test vector by @ctz in #12
• try codspeed by @ctz in #13
• Introduce documented public API by @ctz in #14
• Add LICENSE file by @ctz in #16
• Update deps by @ctz in #17
• Use CAVP test vectors by @ctz in #18
• Use neon impls for squaring/multiplication mod p256/p384 by @ctz in #19
• aarch64: marginally improve performance of the aes-ctr part of aes-gcm by @ctz in #20
• Prepare 0.2.0 by @ctz in #21
• Implement XChaCha20Poly1305 by @conradludgate in #24
• Update dependencies by @ctz in #28
• Assorted asm generation improvements by @ctz in #27
• Improve ECDSA verification speed by @ctz in #26
• README: update aarch64 gcm details by @ctz in #30
• Add ticketer using xchacha20poly1305 by @ctz in #29
• hash: fix output length for SHA384 by @ctz in #31
• Take latest rustls by @ctz in #32
• Measure coverage by @ctz in #34
• coverage: also build main by @ctz in #35
• Reduce use of magic numbers by @ctz in #33
• Add basic exercising of rustls-graviola by @ctz in #36
• Fix and check DER integer rules by @ctz in #37
• Prepare 0.2.0-alpha.2 by @ctz in #38
• README improvements by @ctz in #39
• rustls-graviola: bump graviola version by @ctz in #40
• rustls-graviola: fix asterisk version by @ctz in #41
• Improve SHA512 small input performance by @ctz in #42
• rustfmt imports by @ctz in #43
• Support static DH by @ctz in #44
• fix zizmor warnings by @ctz in #45
• hash::Sha512: should be Clone by @ctz in #48
• x25519: check shared secret for zero by @ctz in #47
• Basic differential fuzzing by @ctz in #46
• Update dependencies by @ctz in #49
• Misc benchmarking alterations by @ctz in #50
• Micro-optimise HMAC by @ctz in #51
• aarch64: zero neon registers by @ctz in #52
• Improve test coverage by @ctz in #53
• Support encoding ECDSA private keys by @ctz in #54
• Fix aarch64 warnings by @ctz in #55
• Support encoding RSA keys by @ctz in #56
• Check constant-time data flows ala ctgrind by @ctz in #58
• Drop dependency on rustls-webpki by @ctz in #59
• Heuristic to avoid Q!("single string") noise by @ctz in #60
• Eliminate optimise_barrier by @ctz in #61
• Add logo revision by @ctz in #62
• cut 0.2.0 by @ctz in #63

New Contributors

• @conradludgate made their first contribution in #24

Full Changelog: v/0.1.1...v/0.2.0

What's Changed

• Prepare 0.1.0 by @ctz in #6
• Remove misunderstanding about what s2n-bignum verifies by @ctz in #8
• Long-term secret erasure by @ctz in #9
• Test & fix stated MSRV; prepare 0.1.1 by @ctz in #10

Full Changelog: v/0.1.0...v/0.1.1

First MVP release.

Full Changelog: https://github.com/ctz/graviola/commits/v/0.1.0